Thursday, February 22, 2018

Beers with Talos EP23 - Eternal Fauxmance: Attribution Easter Eggs



Beers with Talos (BWT) Podcast Episode 23 is now available.  Download this episode and subscribe to Beers with Talos:

If iTunes and Google Play aren't your thing: www.talosintelligence.com/podcast

EP23 Show Notes: 


Recorded 2/16/18 - This week, Mitch learns about starting a show without Matt with no other plans to control Craig in place. The team discusses Olympic Destroyer and then takes on attribution in light of recent developments with Nyetya. We look at what attribution actually takes and the ease and commonality of planting false flags.

Timeline:

The Roundtable

01:01 - Craig is just a wreck
09:30 - Wow, that was a long story. Anyway, here’s Nigel. It’s about the Reds, innit? Innit.
11:00 - Joel relishes the simple joys of watching Tom Brady cry.
15:31 - Mitch doesn’t babysit.

The Topics

16:37 - Olympic Destroyer - Patching on the fly with those sweet pilfered creds
25:50 - Eternal Fauxmance - attribution is more than code
33:33 - Repercussions of Attribution
39:08 - The Return of the Prodigal host (by the way, we totally recap the whole show to that point, so a great place to restart for the drive home)
42:33 - Knowing your Exposure - Even what seems boring can be attractive to bad actors
47:36 - Parting shots, closing thoughts, but Matt Crog’d in more attribution chat, anyway
53:35 - Actual closing thoughts and parting shots


The Links:

Olympic Destroyer blog post: http://blog.talosintelligence.com/2018/02/olympic-destroyer.html
Craig tweet with comparison of Destroyer, Nyetya, and BadRabbit: https://twitter.com/security_craig/status/966398879020167168
Matt’s fave fave of all time: https://twitter.com/kpyke/status/964348866840678400

==========

Featuring: Craig Williams (@Security_Craig), Joel Esler (@JoelEsler), Matt Olney (@kpyke) and Nigel Houghton (@EnglishLFC).
Hosted by Mitch Neff (@MitchNeff).

Find all episodes:
http://cs.co/talospodcast

Subscribe via iTunes (and leave a review!)
http://cs.co/talositunes

Check out the Talos Threat Research Blog:
http://cs.co/talosresearch

Subscribe to the Threat Source newsletter:
http://cs.co/talosupdate

Follow Talos on Twitter:
http://cs.co/talostwitter

Give us your feedback and suggestions for topics:
beerswithtalos@cisco.com
